Derek Hill has over 25 years of experience in IT and Information Security. He currently manages an Application Security Team and an Infrastructure Security Team (Blue Team) at HP Inc. in Vancouver, WA. His teams are responsible for ensuring that HP’s internally developed applications are secure as well as the AWS infrastructure that is hosting these applications Prior to his current position, Derek held IT management and technical roles at both large and small companies. In each role, he has focused on delivering excellent services, uptime and security for all the projects/staff he managed.

Derek holds an MBA from Willamette University and an undergraduate degree in Management Information Systems from Oregon State University. He has various security credentials including a CISSP and multiple GIAC certifications. Derek is also a member of our chapter.

Abstract:

Are you looking to move your infrastructure into the cloud, but are worried about how to secure it? Are you ready to let go of all of your physical infrastructure? You are not alone in this journey. The cloud does not have to be this scary unknown black hole. Sure, things are certainly different and not everything that you used to do in your own infrastructure is easily repeatable in the cloud; however, there are many benefits. Thing are different, but many things are the same. We will discuss how to secure your cloud environment using both AWS tools and third party tools, including some custom applications that allow you to see what you have and how you need to secure it. We are successfully managing over 120 AWS accounts with approximately 3000 instances and many other AWS services. We hope that you can take away some ideas on how to solve some of your current security problems and gain the confidence that security in the cloud can be achieved.